A blog covering ICT, Security and Technology

Menu

Side Channel Cryptanalysis

In line with the previous post, it is of interest, albeit only at the research level and we should not really worry about it right now, the paper published by Adi Shamir, Daniel Genkin and Eran Tromer (download here and here for a comment) in which they describe how they have been able to extract an RSA private key managed by GnuPG 1.4.x (current version is 2.x) by listening to the noises of the PC.

Yes, an acoustic attack on cryptographic private keys seems very unlikely, even if the idea has been discussed for long time. It is very interesting that it has been shown possible in practice, and this means that also other side channel attacks, like listening on the power cord, should be considered seriously at least when your security requirements are really high.